📦 Pulsar

This vulnerability in Apache Pulsar allows attackers to bypass JWT token authentication by using tokens with the 'none' algorithm, which are not properly validated. It affects any Apache Pulsar instan...

Apache Pulsar Proxy has an improper authentication vulnerability that allows unauthenticated access to the /proxy-stats endpoint. This exposes connection statistics and allows logging level manipulati...

This CVE describes a directory traversal vulnerability in Apache Pulsar Functions Worker where authenticated users can upload malicious JAR/NAR files containing path traversal sequences (like '..') in...

This vulnerability allows attackers to forge SASL Role Tokens that pass signature verification due to timing discrepancies in Apache Pulsar's authentication provider. Attackers could potentially gain ...